Latest news as of 2/20/2026, 11:28:23 PM
Bleeping Computer
Microsoft is working to resolve a bug that causes Defender for Endpoint to incorrectly tag some devices' BIOS (Basic Input/Output System) firmware as outdated, prompting users to update it. [...]
The Hacker News
Cybersecurity researchers have flagged a malicious package on the Python Package Index (PyPI) repository that claims to offer the ability to create a SOCKS5 proxy service, while also providing a stealthy backdoor-like functionality to drop additional payloads on Windows systems. The deceptive package, named soopsocks, attracted a total of 2,653 downloads before it was taken down. It was first
Dark Reading
With SMS, voice, and QR-code phishing incidents on the rise, it's time to take a closer look at securing the mobile user.
Dark Reading
The long-running South Asian advanced persistent threat (APT) group is advancing its objectives against Pakistani targets, with a shift to deploying Python-based surveillance malware.
The Register
Extortion emails name-drop Big Red's E-Business Suite, though Google and Mandiant yet to find proof of any breach Criminals with potential links to the notorious Clop ransomware mob are bombarding Oracle execs with extortion emails, claiming to have stolen sensitive data from Big Red's E-Business Suite, according to researchers.…
The Hacker News
Google Mandiant and Google Threat Intelligence Group (GTIG) have disclosed that they are tracking a new cluster of activity possibly linked to a financially motivated threat actor known as Cl0p. The malicious activity involves sending extortion emails to executives at various organizations and claiming to have stolen sensitive data from their Oracle E-Business Suite. "This activity began on or
The Hacker News
From unpatched cars to hijacked clouds, this week’s Threatsday headlines remind us of one thing — no corner of technology is safe. Attackers are scanning firewalls for critical flaws, bending vulnerable SQL servers into powerful command centers, and even finding ways to poison Chrome’s settings to sneak in malicious extensions. On the defense side, AI is stepping up to block ransomware in real
The Hacker News
Penetration testing is critical to uncovering real-world security weaknesses. With the shift into continuous testing and validation, it is time we automate the delivery of these results. The way results are delivered hasn’t kept up with today’s fast-moving threat landscape. Too often, findings are packaged into static reports, buried in PDFs or spreadsheets, and handed off manually to
The Register
The longer the shutdown, the less likely critical IT overhauls happen, ex federal CISO tells The Register The US government shut down at 1201 ET on October 1, halting non-essential IT modernization and leaving cybersecurity operations to run on skeleton crews.…
The Register
Experts say Commission is ‘fanning the flames’ of the continent’s own Watergate An arsenal of angry European Parliament members (MEPs) is demanding answers from senior commissioners about why EU subsidies are ending up in the pockets of spyware companies.…